- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Thu, 02 May 2013 09:05:15 +0200
- To: Mark Nottingham <mnot@mnot.net>
- CC: Ken Murchison <murch@andrew.cmu.edu>, ietf-http-wg@w3.org
On 2013-05-01 01:26, Mark Nottingham wrote: > > On 01/05/2013, at 12:46 AM, Ken Murchison <murch@andrew.cmu.edu> wrote: > >> On Tue, 30 Apr 2013 15:07:49 +0200, Julian Reschke wrote: >>> On 2013-04-23 05:47, Mark Nottingham wrote: >>> >>>> * 3.1 "...instead they MUST respond with the 412 (Precondition Failed) status code." This is too strong; e.g., what if authentication is needed? Suggest an "unless..." clause allowing other error status codes. >> >> The first paragraph of Section 5 seems to address the case of 401 and any other errors: >> >> "For each conditional request, a server must evaluate the request preconditions after it has successfully performed its normal request checks (i.e., just before it would perform the action associated with the request method). Preconditions are ignored if the server determines that an error or redirect response applies before they are evaluated. Otherwise, the evaluation depends on both the method semantics and the choice of conditional." >> >> The second sentence in Section 3 references Section 5 as far as when preconditions are applied. This seems sufficient to me, but perhaps that is because I have read the document several times and know what it says in its entirety. > > Unfortunately, some (many) people will read the MUST and just stop. Not convinced. We could move the text into each status code description, but I don't think it makes things much clearer. > Also, everywhere else we suggest the most sensible status code to use in a situation, barring exceptions (which is essentially what we're doing here), it's SHOULD; the MUST here seems sorely out of place. Why? Best regards, Julian
Received on Thursday, 2 May 2013 07:05:44 UTC